@spinajs/rbac 2.0.472 → 2.0.474
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/config/rbac.d.ts +35 -0
- package/lib/cjs/config/rbac.d.ts.map +1 -1
- package/lib/cjs/config/rbac.js +31 -0
- package/lib/cjs/config/rbac.js.map +1 -1
- package/lib/cjs/events/UserImpersonationEnded.d.ts +12 -0
- package/lib/cjs/events/UserImpersonationEnded.d.ts.map +1 -0
- package/lib/cjs/events/UserImpersonationEnded.js +32 -0
- package/lib/cjs/events/UserImpersonationEnded.js.map +1 -0
- package/lib/cjs/events/UserImpersonationStarted.d.ts +12 -0
- package/lib/cjs/events/UserImpersonationStarted.d.ts.map +1 -0
- package/lib/cjs/events/UserImpersonationStarted.js +32 -0
- package/lib/cjs/events/UserImpersonationStarted.js.map +1 -0
- package/lib/cjs/events/index.d.ts +2 -0
- package/lib/cjs/events/index.d.ts.map +1 -1
- package/lib/cjs/events/index.js +2 -0
- package/lib/cjs/events/index.js.map +1 -1
- package/lib/cjs/impersonation.d.ts +32 -0
- package/lib/cjs/impersonation.d.ts.map +1 -0
- package/lib/cjs/impersonation.js +97 -0
- package/lib/cjs/impersonation.js.map +1 -0
- package/lib/cjs/index.d.ts +1 -0
- package/lib/cjs/index.d.ts.map +1 -1
- package/lib/cjs/index.js +1 -0
- package/lib/cjs/index.js.map +1 -1
- package/lib/cjs/interfaces.d.ts +12 -0
- package/lib/cjs/interfaces.d.ts.map +1 -1
- package/lib/cjs/middleware.d.ts +2 -0
- package/lib/cjs/middleware.d.ts.map +1 -1
- package/lib/cjs/middleware.js +51 -75
- package/lib/cjs/middleware.js.map +1 -1
- package/lib/cjs/models/User.d.ts.map +1 -1
- package/lib/cjs/models/User.js.map +1 -1
- package/lib/mjs/config/rbac.d.ts +35 -0
- package/lib/mjs/config/rbac.d.ts.map +1 -1
- package/lib/mjs/config/rbac.js +31 -0
- package/lib/mjs/config/rbac.js.map +1 -1
- package/lib/mjs/events/UserImpersonationEnded.d.ts +12 -0
- package/lib/mjs/events/UserImpersonationEnded.d.ts.map +1 -0
- package/lib/mjs/events/UserImpersonationEnded.js +29 -0
- package/lib/mjs/events/UserImpersonationEnded.js.map +1 -0
- package/lib/mjs/events/UserImpersonationStarted.d.ts +12 -0
- package/lib/mjs/events/UserImpersonationStarted.d.ts.map +1 -0
- package/lib/mjs/events/UserImpersonationStarted.js +29 -0
- package/lib/mjs/events/UserImpersonationStarted.js.map +1 -0
- package/lib/mjs/events/index.d.ts +2 -0
- package/lib/mjs/events/index.d.ts.map +1 -1
- package/lib/mjs/events/index.js +2 -0
- package/lib/mjs/events/index.js.map +1 -1
- package/lib/mjs/impersonation.d.ts +32 -0
- package/lib/mjs/impersonation.d.ts.map +1 -0
- package/lib/mjs/impersonation.js +94 -0
- package/lib/mjs/impersonation.js.map +1 -0
- package/lib/mjs/index.d.ts +1 -0
- package/lib/mjs/index.d.ts.map +1 -1
- package/lib/mjs/index.js +1 -0
- package/lib/mjs/index.js.map +1 -1
- package/lib/mjs/interfaces.d.ts +12 -0
- package/lib/mjs/interfaces.d.ts.map +1 -1
- package/lib/mjs/middleware.d.ts +2 -0
- package/lib/mjs/middleware.d.ts.map +1 -1
- package/lib/mjs/middleware.js +52 -76
- package/lib/mjs/middleware.js.map +1 -1
- package/lib/mjs/models/User.d.ts.map +1 -1
- package/lib/mjs/models/User.js.map +1 -1
- package/lib/tsconfig.cjs.tsbuildinfo +1 -1
- package/lib/tsconfig.mjs.tsbuildinfo +1 -1
- package/package.json +11 -11
package/lib/cjs/middleware.js
CHANGED
|
@@ -13,6 +13,7 @@ exports.RbacModelPermissionMiddleware = void 0;
|
|
|
13
13
|
const di_1 = require("@spinajs/di");
|
|
14
14
|
const orm_1 = require("@spinajs/orm");
|
|
15
15
|
const async_hooks_1 = require("async_hooks");
|
|
16
|
+
const accesscontrol_1 = require("accesscontrol");
|
|
16
17
|
const exceptions_1 = require("@spinajs/exceptions");
|
|
17
18
|
const log_common_1 = require("@spinajs/log-common");
|
|
18
19
|
const QUERY_TO_PERMISSION = {
|
|
@@ -29,6 +30,16 @@ const QUERY_TO_PERMISSION = {
|
|
|
29
30
|
all: "readAny"
|
|
30
31
|
}
|
|
31
32
|
};
|
|
33
|
+
const PERMISSION_SCOPE_TO_QUERY = {
|
|
34
|
+
deleteOwn: "DeleteQueryBuilder",
|
|
35
|
+
deleteAny: "DeleteQueryBuilder",
|
|
36
|
+
updateOwn: "UpdateQueryBuilder",
|
|
37
|
+
updateAny: "UpdateQueryBuilder",
|
|
38
|
+
readOwn: "SelectQueryBuilder",
|
|
39
|
+
readAny: "SelectQueryBuilder",
|
|
40
|
+
createOwn: "InsertQueryBuilder",
|
|
41
|
+
createAny: "InsertQueryBuilder"
|
|
42
|
+
};
|
|
32
43
|
let RbacModelPermissionMiddleware = class RbacModelPermissionMiddleware extends orm_1.QueryMiddleware {
|
|
33
44
|
beforeQueryExecution(_query) { }
|
|
34
45
|
afterQueryCreation(builder) {
|
|
@@ -39,101 +50,62 @@ let RbacModelPermissionMiddleware = class RbacModelPermissionMiddleware extends
|
|
|
39
50
|
if (storage && storage.User) {
|
|
40
51
|
// add where statement
|
|
41
52
|
const descriptor = (0, orm_1.extractModelDescriptor)(builder.Model);
|
|
42
|
-
const ac = di_1.DI.get('AccessControl');
|
|
43
53
|
// if model does not have @Resource() decorator set, model name is used
|
|
44
|
-
const resource = descriptor.RbacResource;
|
|
54
|
+
const resource = descriptor.RbacResource ?? descriptor.Name;
|
|
45
55
|
// no rbac is set do nothing
|
|
46
56
|
if (!resource) {
|
|
47
57
|
return;
|
|
48
58
|
}
|
|
59
|
+
if (storage?.PermissionScope) {
|
|
60
|
+
if (!PERMISSION_SCOPE_TO_QUERY[storage.PermissionScope]) {
|
|
61
|
+
this.Log.warn(`Permission scope ${storage.PermissionScope} does not match any query type, skipping rbac check`);
|
|
62
|
+
return;
|
|
63
|
+
}
|
|
64
|
+
if (builder.constructor.name !== PERMISSION_SCOPE_TO_QUERY[storage.PermissionScope]) {
|
|
65
|
+
this.Log.warn(`Permission scope ${storage.PermissionScope} does not match query type ${builder.constructor.name}, skipping rbac check`);
|
|
66
|
+
return;
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
const ownScope = storage?.PermissionScope ?? QUERY_TO_PERMISSION[builder.constructor.name].own;
|
|
70
|
+
const anyScope = storage?.PermissionScope ?? QUERY_TO_PERMISSION[builder.constructor.name].all;
|
|
71
|
+
const roles = storage.ActiveRole ? [storage.ActiveRole] : storage.User.Role;
|
|
72
|
+
const canAny = this.Ac.can(roles)[anyScope](resource).granted;
|
|
73
|
+
const canOwn = this.Ac.can(roles)[ownScope](resource).granted;
|
|
49
74
|
if (builder instanceof orm_1.SelectQueryBuilder || builder instanceof orm_1.UpdateQueryBuilder || builder instanceof orm_1.DeleteQueryBuilder) {
|
|
50
|
-
const canAny = ac.can(storage.User.Role)[QUERY_TO_PERMISSION[builder.constructor.name].all](resource).granted;
|
|
51
|
-
const canOwn = ac.can(storage.User.Role)[QUERY_TO_PERMISSION[builder.constructor.name].own](resource).granted;
|
|
52
75
|
/**
|
|
53
76
|
* Model can have custom rbac permission check
|
|
54
77
|
*/
|
|
55
78
|
const rbacFunc = builder.Model?.rbac;
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
if (
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
this.Log.trace(`Resource ${resource}:any permission granted for ${storage.User.Role}, scope: ${storage.PermissionScope}`);
|
|
66
|
-
return;
|
|
67
|
-
}
|
|
68
|
-
else {
|
|
69
|
-
throw new exceptions_1.Forbidden(`User does not have permission to access ${resource}:any permission`);
|
|
70
|
-
}
|
|
71
|
-
}
|
|
72
|
-
if (own.includes(storage.PermissionScope)) {
|
|
73
|
-
if (canOwn) {
|
|
74
|
-
this.Log.trace(`Resource ${resource}:own permission granted for ${storage.User.Role}, scope: ${storage.PermissionScope}`);
|
|
75
|
-
if (rbacFunc) {
|
|
76
|
-
this.Log.trace(`Applying custom rbac func for ${resource}`);
|
|
77
|
-
rbacFunc.call(builder, storage.User);
|
|
78
|
-
}
|
|
79
|
-
else if (descriptor.OwnerField) {
|
|
80
|
-
this.Log.trace(`Applying owner field restriction for ${resource}`);
|
|
81
|
-
builder.andWhere(descriptor.OwnerField, storage.User.PrimaryKeyValue);
|
|
82
|
-
}
|
|
83
|
-
else {
|
|
84
|
-
this.Log.error(`Model ${descriptor.Name} does not have OwnerField set or static rbac function, cannot apply :own permission`);
|
|
85
|
-
throw new orm_1.OrmException(`Model ${descriptor.Name} does not have OwnerField set, cannot apply :own permission`);
|
|
86
|
-
}
|
|
87
|
-
return;
|
|
88
|
-
}
|
|
89
|
-
}
|
|
90
|
-
throw new exceptions_1.Forbidden(`User does not have permission to access ${resource}:own permission`);
|
|
91
|
-
}
|
|
92
|
-
else if (canAny) {
|
|
93
|
-
this.Log.trace(`Resource ${resource}:any permission granted for ${storage.User.Role}, scope: ${storage.PermissionScope}`);
|
|
94
|
-
return;
|
|
79
|
+
if (canAny) {
|
|
80
|
+
this.Log.trace(`Resource ${resource}:any permission granted for ${storage.User.Role}, scope: ${storage.PermissionScope}`);
|
|
81
|
+
return;
|
|
82
|
+
}
|
|
83
|
+
else if (canOwn) {
|
|
84
|
+
this.Log.trace(`Resource ${resource}:own permission granted for ${storage.User.Role}, scope: ${storage.PermissionScope}`);
|
|
85
|
+
if (rbacFunc) {
|
|
86
|
+
this.Log.trace(`Applying custom rbac func for ${resource}`);
|
|
87
|
+
rbacFunc.call(builder, storage.User);
|
|
95
88
|
}
|
|
96
|
-
else if (
|
|
97
|
-
this.Log.trace(`
|
|
98
|
-
|
|
99
|
-
this.Log.trace(`Applying custom rbac func for ${resource}`);
|
|
100
|
-
rbacFunc.call(builder, storage.User);
|
|
101
|
-
}
|
|
102
|
-
else if (descriptor.OwnerField) {
|
|
103
|
-
this.Log.trace(`Applying owner field restriction for ${resource}`);
|
|
104
|
-
builder.andWhere(descriptor.OwnerField, storage.User.PrimaryKeyValue);
|
|
105
|
-
}
|
|
106
|
-
else {
|
|
107
|
-
this.Log.error(`Model ${descriptor.Name} does not have OwnerField set or static rbac function, cannot apply :own permission`);
|
|
108
|
-
throw new orm_1.OrmException(`Model ${descriptor.Name} does not have OwnerField set, cannot apply :own permission`);
|
|
109
|
-
}
|
|
89
|
+
else if (descriptor.OwnerField) {
|
|
90
|
+
this.Log.trace(`Applying owner field restriction for ${resource}`);
|
|
91
|
+
builder.andWhere(descriptor.OwnerField, storage.User.PrimaryKeyValue);
|
|
110
92
|
}
|
|
111
93
|
else {
|
|
112
|
-
|
|
94
|
+
this.Log.error(`Model ${descriptor.Name} does not have OwnerField set or static rbac function, cannot apply :own permission`);
|
|
95
|
+
throw new orm_1.OrmException(`Model ${descriptor.Name} does not have OwnerField set, cannot apply :own permission`);
|
|
113
96
|
}
|
|
114
|
-
}
|
|
115
|
-
else if (builder instanceof orm_1.InsertQueryBuilder) {
|
|
116
|
-
const canAny = ac.can(storage.User.Role)['createAny'](resource).granted;
|
|
117
|
-
const canOwn = ac.can(storage.User.Role)['createOwn'](resource).granted;
|
|
118
|
-
if (storage.PermissionScope && storage.PermissionScope === "createOwn") {
|
|
119
|
-
if (!canOwn) {
|
|
120
|
-
throw new exceptions_1.Forbidden(`User does not have permission to access ${resource}:insert permission`);
|
|
121
|
-
}
|
|
122
|
-
builder.values({
|
|
123
|
-
[descriptor.OwnerField]: storage.User.PrimaryKeyValue
|
|
124
|
-
});
|
|
125
|
-
return;
|
|
126
97
|
}
|
|
127
|
-
else
|
|
128
|
-
|
|
98
|
+
else {
|
|
99
|
+
throw new exceptions_1.Forbidden(`User does not have permission to access ${resource}:read permission`);
|
|
129
100
|
}
|
|
130
|
-
|
|
101
|
+
}
|
|
102
|
+
else if (builder instanceof orm_1.InsertQueryBuilder) {
|
|
103
|
+
if (canOwn) {
|
|
131
104
|
builder.values({
|
|
132
105
|
[descriptor.OwnerField]: storage.User.PrimaryKeyValue
|
|
133
106
|
});
|
|
134
|
-
return;
|
|
135
107
|
}
|
|
136
|
-
else {
|
|
108
|
+
else if (!canAny) {
|
|
137
109
|
throw new exceptions_1.Forbidden(`User does not have permission to access ${resource}:insert permission`);
|
|
138
110
|
}
|
|
139
111
|
}
|
|
@@ -147,6 +119,10 @@ __decorate([
|
|
|
147
119
|
(0, log_common_1.Logger)('RBAC'),
|
|
148
120
|
__metadata("design:type", log_common_1.Log)
|
|
149
121
|
], RbacModelPermissionMiddleware.prototype, "Log", void 0);
|
|
122
|
+
__decorate([
|
|
123
|
+
(0, di_1.Autoinject)(),
|
|
124
|
+
__metadata("design:type", accesscontrol_1.AccessControl)
|
|
125
|
+
], RbacModelPermissionMiddleware.prototype, "Ac", void 0);
|
|
150
126
|
exports.RbacModelPermissionMiddleware = RbacModelPermissionMiddleware = __decorate([
|
|
151
127
|
(0, di_1.Injectable)(orm_1.QueryMiddleware)
|
|
152
128
|
], RbacModelPermissionMiddleware);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAAyD;AACzD,sCAAmL;AACnL,6CAAgD;AAEhD,iDAA8C;AAC9C,oDAAgD;AAChD,oDAAkD;AAElD,MAAM,mBAAmB,GAAG;IAC1B,kBAAkB,EAAE;QAClB,GAAG,EAAE,WAAW;QAChB,GAAG,EAAE,WAAW;KACjB;IACD,kBAAkB,EAAE;QAClB,GAAG,EAAE,WAAW;QAChB,GAAG,EAAE,WAAW;KACjB;IACD,kBAAkB,EAAE;QAClB,GAAG,EAAE,SAAS;QACd,GAAG,EAAE,SAAS;KACf;CACF,CAAA;AAED,MAAM,yBAAyB,GAAG;IAChC,SAAS,EAAE,oBAAoB;IAC/B,SAAS,EAAE,oBAAoB;IAC/B,SAAS,EAAE,oBAAoB;IAC/B,SAAS,EAAE,oBAAoB;IAC/B,OAAO,EAAE,oBAAoB;IAC7B,OAAO,EAAE,oBAAoB;IAC7B,SAAS,EAAE,oBAAoB;IAC/B,SAAS,EAAE,oBAAoB;CAChC,CAAA;AAGM,IAAM,6BAA6B,GAAnC,MAAM,6BAA8B,SAAQ,qBAAe;IAQhE,oBAAoB,CAAC,MAAyB,IAAU,CAAC;IACzD,kBAAkB,CAAC,OAAqB;QACtC,IAAI,OAAO,+BAAiB,KAAK,UAAU,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,OAAE,CAAC,GAAG,CAAC,+BAAiB,CAAC,CAAC;YACxC,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,EAAuB,CAAC;gBAEtD,IAAI,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;oBAC5B,sBAAsB;oBACtB,MAAM,UAAU,GAAG,IAAA,4BAAsB,EAAC,OAAO,CAAC,KAAK,CAAyB,CAAC;oBAEjF,uEAAuE;oBACvE,MAAM,QAAQ,GAAG,UAAU,CAAC,YAAY,IAAI,UAAU,CAAC,IAAI,CAAC;oBAE5D,4BAA4B;oBAC5B,IAAI,CAAC,QAAQ,EAAE,CAAC;wBACd,OAAO;oBACT,CAAC;oBAED,IAAI,OAAO,EAAE,eAAe,EAAE,CAAC;wBAC7B,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;4BACxD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,OAAO,CAAC,eAAe,qDAAqD,CAAC,CAAC;4BAChH,OAAO;wBACT,CAAC;wBAED,IAAI,OAAO,CAAC,WAAW,CAAC,IAAI,KAAK,yBAAyB,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;4BACpF,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,OAAO,CAAC,eAAe,8BAA8B,OAAO,CAAC,WAAW,CAAC,IAAI,uBAAuB,CAAC,CAAC;4BACxI,OAAO;wBACT,CAAC;oBACH,CAAC;oBAED,MAAM,QAAQ,GAAG,OAAO,EAAE,eAAe,IAAK,mBAA2B,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;oBACxG,MAAM,QAAQ,GAAG,OAAO,EAAE,eAAe,IAAK,mBAA2B,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;oBACxG,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;oBAC5E,MAAM,MAAM,GAAI,IAAI,CAAC,EAAG,CAAC,GAAG,CAAC,KAAK,CAAS,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;oBACxE,MAAM,MAAM,GAAI,IAAI,CAAC,EAAG,CAAC,GAAG,CAAC,KAAK,CAAS,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;oBAGxE,IAAI,OAAO,YAAY,wBAAkB,IAAI,OAAO,YAAY,wBAAkB,IAAI,OAAO,YAAY,wBAAkB,EAAE,CAAC;wBAE5H;;2BAEG;wBACH,MAAM,QAAQ,GAAI,OAAO,CAAC,KAAa,EAAE,IAAgB,CAAC;wBAC1D,IAAI,MAAM,EAAE,CAAC;4BACX,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,QAAQ,+BAA+B,OAAO,CAAC,IAAI,CAAC,IAAI,YAAY,OAAO,CAAC,eAAe,EAAE,CAAC,CAAC;4BAC1H,OAAO;wBACT,CAAC;6BAAM,IAAI,MAAM,EAAE,CAAC;4BAClB,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,QAAQ,+BAA+B,OAAO,CAAC,IAAI,CAAC,IAAI,YAAY,OAAO,CAAC,eAAe,EAAE,CAAC,CAAC;4BAC1H,IAAI,QAAQ,EAAE,CAAC;gCACb,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;gCAC5D,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;4BACvC,CAAC;iCAAM,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;gCACjC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,wCAAwC,QAAQ,EAAE,CAAC,CAAC;gCACnE,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACxE,CAAC;iCAAM,CAAC;gCACN,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,UAAU,CAAC,IAAI,qFAAqF,CAAC,CAAC;gCAAC,MAAM,IAAI,kBAAY,CAAC,SAAS,UAAU,CAAC,IAAI,6DAA6D,CAAC,CAAC;4BAC/O,CAAC;wBACH,CAAC;6BACI,CAAC;4BACJ,MAAM,IAAI,sBAAS,CAAC,2CAA2C,QAAQ,kBAAkB,CAAC,CAAC;wBAC7F,CAAC;oBACH,CAAC;yBAAM,IAAI,OAAO,YAAY,wBAAkB,EAAE,CAAC;wBACjD,IAAI,MAAM,EAAE,CAAC;4BACX,OAAO,CAAC,MAAM,CAAC;gCACb,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe;6BACtD,CAAC,CAAC;wBACL,CAAC;6BAAM,IAAI,CAAC,MAAM,EAAE,CAAC;4BACnB,MAAM,IAAI,sBAAS,CAAC,2CAA2C,QAAQ,oBAAoB,CAAC,CAAC;wBAC/F,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;CACF,CAAA;AAnFY,sEAA6B;AAG9B;IADT,IAAA,mBAAM,EAAC,MAAM,CAAC;8BACC,gBAAG;0DAAC;AAGV;IADT,IAAA,eAAU,GAAE;8BACE,6BAAa;yDAAC;wCANlB,6BAA6B;IADzC,IAAA,eAAU,EAAC,qBAAe,CAAC;GACf,6BAA6B,CAmFzC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"User.d.ts","sourceRoot":"","sources":["../../../src/models/User.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACjC,OAAO,EAAW,SAAS,EAAmF,UAAU,EAAE,mBAAmB,EAAE,gBAAgB,EAAY,iBAAiB,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AAC9O,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,EAAgB,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAMnE,qBAAa,eAAgB,YAAW,UAAU;IAEhD;;;;;;OAMG;IACI,QAAQ,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,KAAK,EAAE,MAAM,EAAE;IAKpF;;;;;;;OAOG;IACI,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG;IAU1F,SAAS,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,WAAW,EAAE,IAAI,GAAG,MAAM;IAMnF,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAejE,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAKvE,UAAU,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAMrE;;;;OAIG;IACI,YAAY,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAOhE,UAAU,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,KAAK,EAAE,MAAM;IAQ7E,UAAU,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,KAAK,EAAE,MAAM;IAQ7E,SAAS,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,IAAI,EAAE,MAAM;IAQlF;;;;;;;;;OASG;IACI,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,eAAe,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM;CAa7G;AAED;;GAEG;AACH,oBAAY,oBAAoB;IAC9B,6BAA6B;IAC7B,kBAAkB,uBAAuB;IACzC,mBAAmB,wBAAwB;IAC3C,iBAAiB,sBAAsB;IACvC,eAAe,oBAAoB;IAEnC,wBAAwB;IAExB,WAAW,gBAAgB;IAC3B,UAAU,eAAe;IACzB,uBAAuB,4BAA4B;IAEnD,gBAAgB;IAEhB,cAAc,mBAAmB;IAEjC,qBAAqB;IAGrB,cAAc,mBAAmB;IAEjC,yBAAyB,8BAA8B;IAEvD,wBAAwB,6BAA6B;IAErD,oBAAoB,yBAAyB;IAE7C,2BAA2B,gCAAgC;CAC5D;AAED;;;;GAIG;AACH,qBAEa,QAAS,SAAQ,SAAS,CAAC,QAAQ,CAAC;IAC/C;;;;OAIG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,CAAsB;IAEjD,SAAS,CAAC,GAAG,EAAE,aAAa,CAAC;IAE7B,gBAAuB,YAAY,EAAE,eAAe,CAAyB;gBAE1D,IAAI,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC;IAUhC,EAAE,
|
|
1
|
+
{"version":3,"file":"User.d.ts","sourceRoot":"","sources":["../../../src/models/User.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACjC,OAAO,EAAW,SAAS,EAAmF,UAAU,EAAE,mBAAmB,EAAE,gBAAgB,EAAY,iBAAiB,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AAC9O,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAE1D,OAAO,EAAgB,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAMnE,qBAAa,eAAgB,YAAW,UAAU;IAEhD;;;;;;OAMG;IACI,QAAQ,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,KAAK,EAAE,MAAM,EAAE;IAKpF;;;;;;;OAOG;IACI,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG;IAU1F,SAAS,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,WAAW,EAAE,IAAI,GAAG,MAAM;IAMnF,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAejE,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAKvE,UAAU,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAMrE;;;;OAIG;IACI,YAAY,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe;IAOhE,UAAU,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,KAAK,EAAE,MAAM;IAQ7E,UAAU,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,KAAK,EAAE,MAAM;IAQ7E,SAAS,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,CAAC,GAAG,eAAe,EAAE,IAAI,EAAE,MAAM;IAQlF;;;;;;;;;OASG;IACI,aAAa,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,GAAG,eAAe,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM;CAa7G;AAED;;GAEG;AACH,oBAAY,oBAAoB;IAC9B,6BAA6B;IAC7B,kBAAkB,uBAAuB;IACzC,mBAAmB,wBAAwB;IAC3C,iBAAiB,sBAAsB;IACvC,eAAe,oBAAoB;IAEnC,wBAAwB;IAExB,WAAW,gBAAgB;IAC3B,UAAU,eAAe;IACzB,uBAAuB,4BAA4B;IAEnD,gBAAgB;IAEhB,cAAc,mBAAmB;IAEjC,qBAAqB;IAGrB,cAAc,mBAAmB;IAEjC,yBAAyB,8BAA8B;IAEvD,wBAAwB,6BAA6B;IAErD,oBAAoB,yBAAyB;IAE7C,2BAA2B,gCAAgC;CAC5D;AAED;;;;GAIG;AACH,qBAEa,QAAS,SAAQ,SAAS,CAAC,QAAQ,CAAC;IAC/C;;;;OAIG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,CAAsB;IAEjD,SAAS,CAAC,GAAG,EAAE,aAAa,CAAC;IAE7B,gBAAuB,YAAY,EAAE,eAAe,CAAyB;gBAE1D,IAAI,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC;IAUhC,EAAE,EAAG,MAAM,CAAC;IAEZ,IAAI,EAAG,MAAM,CAAC;IAEd,KAAK,EAAG,MAAM,CAAC;IAEtB;;OAEG;IACI,QAAQ,EAAG,MAAM,CAAC;IAEzB;;OAEG;IACI,KAAK,EAAG,MAAM,CAAC;IAEtB;;OAEG;IAEI,IAAI,EAAG,MAAM,EAAE,CAAC;IAEvB;;OAEG;IAEI,SAAS,EAAG,QAAQ,CAAC;IAE5B;;OAEG;IAEI,YAAY,EAAG,QAAQ,CAAC;IAE/B;;OAEG;IAEI,SAAS,EAAG,QAAQ,CAAC;IAGrB,WAAW,EAAG,QAAQ,CAAC;IAE9B;;;OAGG;IACI,QAAQ,EAAG,OAAO,CAAC;IAE1B;;;;;OAKG;IAII,QAAQ,EAAG,gBAAgB,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;IAE3D,IAAW,OAAO,IAAI,OAAO,CAE5B;IAED,IAAW,QAAQ,IAAI,OAAO,CAE7B;IAEM,sBAAsB,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,yBAAyB,CAAC,IAAI,CAAC;IAcpF,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,UAAU;IAO5D;;;;OAIG;IACI,UAAU,CAAC,QAAQ,EAAE,MAAM;IAIlC;;;;;OAKG;IACI,UAAU,CAAC,QAAQ,EAAE,MAAM;IAIlC;;;;;OAKG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM;IAIpC;;;;OAIG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM;IAIpC;;;;OAIG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM;IAIpC;;;;OAIG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM;IAIpC;;;;OAIG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM;IAIpC;;;;OAIG;IACI,YAAY,CAAC,QAAQ,EAAE,MAAM;WAItB,UAAU,CAAC,KAAK,EAAE,MAAM;WAMxB,UAAU,CAAC,KAAK,EAAE,MAAM;WAMxB,SAAS,CAAC,IAAI,EAAE,MAAM;IAMpC;;;;;OAKG;WACW,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM;CAGxD;AAED;;GAEG;AACH,qBAEa,IAAK,SAAQ,QAAQ;CAEjC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"User.js","sourceRoot":"","sources":["../../../src/models/User.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,iCAAiC;AACjC,sCAA8O;AAE9O,oCAAiC;AACjC,uDAAmE;AACnE,+BAAoC;AACpC,wCAAwM;AAExM,0DAA8C;AAE9C,MAAa,eAAe;IAE1B;;;;;;OAMG;IACI,QAAQ,CAAsD,KAAe;QAClF,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACpC,CAAC;IAED;;;;;;;OAOG;IACI,aAAa,CAAsD,GAAW,EAAE,KAAU;QAC/F,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,IAAA,iBAAU,EAAC,IAAA,eAAQ,GAAE,CAAC,EAAE,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACjG,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,eAAQ,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE;YACjC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YACrB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,SAAS,CAAsD,WAA0B;QAC9F,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,IAAA,iBAAU,EAAC,IAAA,eAAQ,GAAE,CAAC,EAAE,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAEjH,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,YAAY,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;IACxE,CAAC;IAEM,KAAK,CAAC,aAAa;QACxB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE;aACrC,UAAU,CACT,8BAAY,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC;YACzB,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;YAC3D,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,IAAI,cAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;QAC3C,CAAC,CAAC,CACH;aACA,WAAW,EAAE,CAAA;QAGhB,OAAO,MAAM,GAAG,CAAC,CAAC;IACpB,CAAC;IAEM,KAAK,CAAC,aAAa;QACxB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/E,OAAO,MAAM,GAAG,CAAC,CAAC;IACpB,CAAC;IAEM,UAAU;QACf,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,SAAS,EAAE,IAAW;SACvB,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACI,YAAY;QACjB,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,IAAW;SACvB,CAAC,CAAC;IACL,CAAC;IAEM,UAAU,CAAsD,KAAa;QAClF,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,EAAE,IAAA,gBAAS,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEvE,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,KAAK,EAAE,KAAK;SACb,CAAC,CAAC;IACL,CAAC;IAEM,UAAU,CAAsD,KAAa;QAClF,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAE1D,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,KAAK,EAAE,KAAK;SACb,CAAC,CAAC;IACL,CAAC;IAEM,SAAS,CAAsD,IAAY;QAChF,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,eAAQ,GAAE,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAErD,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACI,aAAa,CAA6D,UAA2B;QAC1G,UAAU,GAAG,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,CAAC,CAAC,CAAC,EAAE,IAAA,cAAO,GAAE,EAAE,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAEzH,OAAO,IAAI,CAAC,IAAI,CACd,OAAO,UAAU,KAAK,QAAQ,EAC9B;YACE,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC/B,CAAC,EACD;YACE,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC3F,CAAC,CACF,CAAC;IACJ,CAAC;CACF;AA3HD,0CA2HC;AAED;;GAEG;AACH,IAAY,oBA6BX;AA7BD,WAAY,oBAAoB;IAC9B,6BAA6B;IAC7B,iEAAyC,CAAA;IACzC,mEAA2C,CAAA;IAC3C,+DAAuC,CAAA;IACvC,2DAAmC,CAAA;IAEnC,wBAAwB;IAExB,mDAA2B,CAAA;IAC3B,iDAAyB,CAAA;IACzB,2EAAmD,CAAA;IAEnD,gBAAgB;IAEhB,yDAAiC,CAAA;IAEjC,qBAAqB;IAErB,gCAAgC;IAChC,yDAAiC,CAAA;IACjC,+BAA+B;IAC/B,+EAAuD,CAAA;IACvD,+BAA+B;IAC/B,6EAAqD,CAAA;IACrD,uBAAuB;IACvB,qEAA6C,CAAA;IAC7C,2CAA2C;IAC3C,mFAA2D,CAAA;AAC7D,CAAC,EA7BW,oBAAoB,oCAApB,oBAAoB,QA6B/B;AAED;;;;GAIG;AAGI,IAAM,QAAQ,gBAAd,MAAM,QAAS,SAAQ,eAAmB;IAY/C,YAAmB,IAAoB;QACrC,KAAK,CAAC,IAAI,CAAC,CAAC;QAZd;;;;WAIG;QACO,YAAO,GAAa,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAS/C,IAAI,CAAC,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,eAAQ,EAAC,IAAA,SAAM,GAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,CAAC,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,eAAQ,EAAC,CAAC,IAAA,oBAAI,EAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElF,IAAI,CAAC,GAAG,GAAG,OAAE,CAAC,GAAG,CAAC,eAAe,CAAE,CAAC;IACtC,CAAC;IA+DD,IAAW,OAAO;QAChB,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC;IACrE,CAAC;IAED,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,QAAQ,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,KAAK,IAAI,CAAC;IACzE,CAAC;IAEM,sBAAsB,CAAC,OAA2B;QAEvD,MAAM,IAAI,GAAG,KAAK,CAAC,sBAAsB,CAAC,OAAO,CAA+C,CAAA;QAEhG;;WAEG;QACH,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,kCAAgB,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAQ,CAAA;QACjG,CAAC;QAED,OAAO,IAAW,CAAC;IACrB,CAAC;IAEM,GAAG,CAAC,QAAgB,EAAE,UAAkB;QAC7C,QAAQ,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QACnE,UAAU,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAEzE,OAAQ,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED;;;;OAIG;IACI,UAAU,CAAC,QAAgB;QAChC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACvC,CAAC;IAED;;;;;OAKG;IACI,UAAU,CAAC,QAAgB;QAChC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACvC,CAAC;IAED;;;;;OAKG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAEM,MAAM,CAAC,UAAU,CAAC,KAAa;QACpC,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAE1D,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC;IACpD,CAAC;IAEM,MAAM,CAAC,UAAU,CAAC,KAAa;QACpC,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,EAAE,IAAA,gBAAS,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEvE,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC;IACpD,CAAC;IAEM,MAAM,CAAC,SAAS,CAAC,IAAY;QAClC,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,eAAQ,GAAE,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAErD,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;IAClD,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,aAAa,CAAC,UAA2B;QACrD,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,CAAC;IAC5D,CAAC;;AAnNU,4BAAQ;AAUI,qBAAY,GAAoB,IAAI,eAAe,EAAE,AAAzC,CAA0C;AAYtE;IADN,IAAA,aAAO,GAAE;;
|
|
1
|
+
{"version":3,"file":"User.js","sourceRoot":"","sources":["../../../src/models/User.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,iCAAiC;AACjC,sCAA8O;AAE9O,oCAAiC;AACjC,uDAAmE;AACnE,+BAAoC;AACpC,wCAAwM;AAExM,0DAA8C;AAE9C,MAAa,eAAe;IAE1B;;;;;;OAMG;IACI,QAAQ,CAAsD,KAAe;QAClF,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACpC,CAAC;IAED;;;;;;;OAOG;IACI,aAAa,CAAsD,GAAW,EAAE,KAAU;QAC/F,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,IAAA,iBAAU,EAAC,IAAA,eAAQ,GAAE,CAAC,EAAE,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACjG,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,eAAQ,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEjD,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE;YACjC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YACrB,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC;IAEM,SAAS,CAAsD,WAA0B;QAC9F,MAAM,CAAC,GAAG,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,IAAA,iBAAU,EAAC,IAAA,eAAQ,GAAE,CAAC,EAAE,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAEjH,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,YAAY,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;IACxE,CAAC;IAEM,KAAK,CAAC,aAAa;QACxB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE;aACrC,UAAU,CACT,8BAAY,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC;YACzB,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;YAC3D,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,IAAI,cAAQ,CAAC,cAAc,CAAC,CAAC,CAAC;QAC3C,CAAC,CAAC,CACH;aACA,WAAW,EAAE,CAAA;QAGhB,OAAO,MAAM,GAAG,CAAC,CAAC;IACpB,CAAC;IAEM,KAAK,CAAC,aAAa;QACxB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/E,OAAO,MAAM,GAAG,CAAC,CAAC;IACpB,CAAC;IAEM,UAAU;QACf,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,SAAS,EAAE,IAAW;SACvB,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACI,YAAY;QACjB,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,IAAW;SACvB,CAAC,CAAC;IACL,CAAC;IAEM,UAAU,CAAsD,KAAa;QAClF,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,EAAE,IAAA,gBAAS,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEvE,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,KAAK,EAAE,KAAK;SACb,CAAC,CAAC;IACL,CAAC;IAEM,UAAU,CAAsD,KAAa;QAClF,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAE1D,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,KAAK,EAAE,KAAK;SACb,CAAC,CAAC;IACL,CAAC;IAEM,SAAS,CAAsD,IAAY;QAChF,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,eAAQ,GAAE,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAErD,OAAO,IAAI,CAAC,KAAK,CAAC;YAChB,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACI,aAAa,CAA6D,UAA2B;QAC1G,UAAU,GAAG,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,IAAA,iBAAU,EAAC,IAAA,UAAG,EAAC,CAAC,CAAC,CAAC,EAAE,IAAA,cAAO,GAAE,EAAE,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAEzH,OAAO,IAAI,CAAC,IAAI,CACd,OAAO,UAAU,KAAK,QAAQ,EAC9B;YACE,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC/B,CAAC,EACD;YACE,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC3F,CAAC,CACF,CAAC;IACJ,CAAC;CACF;AA3HD,0CA2HC;AAED;;GAEG;AACH,IAAY,oBA6BX;AA7BD,WAAY,oBAAoB;IAC9B,6BAA6B;IAC7B,iEAAyC,CAAA;IACzC,mEAA2C,CAAA;IAC3C,+DAAuC,CAAA;IACvC,2DAAmC,CAAA;IAEnC,wBAAwB;IAExB,mDAA2B,CAAA;IAC3B,iDAAyB,CAAA;IACzB,2EAAmD,CAAA;IAEnD,gBAAgB;IAEhB,yDAAiC,CAAA;IAEjC,qBAAqB;IAErB,gCAAgC;IAChC,yDAAiC,CAAA;IACjC,+BAA+B;IAC/B,+EAAuD,CAAA;IACvD,+BAA+B;IAC/B,6EAAqD,CAAA;IACrD,uBAAuB;IACvB,qEAA6C,CAAA;IAC7C,2CAA2C;IAC3C,mFAA2D,CAAA;AAC7D,CAAC,EA7BW,oBAAoB,oCAApB,oBAAoB,QA6B/B;AAED;;;;GAIG;AAGI,IAAM,QAAQ,gBAAd,MAAM,QAAS,SAAQ,eAAmB;IAY/C,YAAmB,IAAoB;QACrC,KAAK,CAAC,IAAI,CAAC,CAAC;QAZd;;;;WAIG;QACO,YAAO,GAAa,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAS/C,IAAI,CAAC,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,eAAQ,EAAC,IAAA,SAAM,GAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC9D,IAAI,CAAC,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,eAAQ,EAAC,CAAC,IAAA,oBAAI,EAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAElF,IAAI,CAAC,GAAG,GAAG,OAAE,CAAC,GAAG,CAAC,eAAe,CAAE,CAAC;IACtC,CAAC;IA+DD,IAAW,OAAO;QAChB,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC;IACrE,CAAC;IAED,IAAW,QAAQ;QACjB,OAAO,IAAI,CAAC,QAAQ,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,KAAK,IAAI,CAAC;IACzE,CAAC;IAEM,sBAAsB,CAAC,OAA2B;QAEvD,MAAM,IAAI,GAAG,KAAK,CAAC,sBAAsB,CAAC,OAAO,CAA+C,CAAA;QAEhG;;WAEG;QACH,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,kCAAgB,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAQ,CAAA;QACjG,CAAC;QAED,OAAO,IAAW,CAAC;IACrB,CAAC;IAEM,GAAG,CAAC,QAAgB,EAAE,UAAkB;QAC7C,QAAQ,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QACnE,UAAU,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAEzE,OAAQ,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAS,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED;;;;OAIG;IACI,UAAU,CAAC,QAAgB;QAChC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACvC,CAAC;IAED;;;;;OAKG;IACI,UAAU,CAAC,QAAgB;QAChC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACvC,CAAC;IAED;;;;;OAKG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACzC,CAAC;IAEM,MAAM,CAAC,UAAU,CAAC,KAAa;QACpC,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAE1D,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC;IACpD,CAAC;IAEM,MAAM,CAAC,UAAU,CAAC,KAAa;QACpC,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,EAAE,IAAA,gBAAS,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEvE,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC;IACpD,CAAC;IAEM,MAAM,CAAC,SAAS,CAAC,IAAY;QAClC,IAAI,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,eAAQ,GAAE,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAErD,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;IAClD,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,aAAa,CAAC,UAA2B;QACrD,OAAO,UAAQ,CAAC,KAAK,EAAE,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,CAAC;IAC5D,CAAC;;AAnNU,4BAAQ;AAUI,qBAAY,GAAoB,IAAI,eAAe,EAAE,AAAzC,CAA0C;AAYtE;IADN,IAAA,aAAO,GAAE;;oCACS;AAoBZ;IADN,IAAA,SAAG,GAAE;;sCACiB;AAMhB;IADN,IAAA,eAAS,GAAE;8BACO,gBAAQ;2CAAC;AAMrB;IADN,IAAA,cAAE,GAAE;8BACiB,gBAAQ;8CAAC;AAMxB;IADN,IAAA,gBAAU,GAAE;8BACM,gBAAQ;2CAAC;AAGrB;IADN,IAAA,cAAE,GAAE;8BACgB,gBAAQ;6CAAC;AAiBvB;IAHN,IAAA,aAAO,EAAC,kCAAgB,EAAE;QACzB,UAAU,EAAE,SAAS;KACtB,CAAC;8BACgB,sBAAgB;0CAAyB;mBAhFhD,QAAQ;IAFpB,IAAA,gBAAU,EAAC,SAAS,CAAC;IACrB,IAAA,WAAK,EAAC,OAAO,CAAC;;GACF,QAAQ,CAoNpB;AAED;;GAEG;AAGI,IAAM,IAAI,GAAV,MAAM,IAAK,SAAQ,QAAQ;CAEjC,CAAA;AAFY,oBAAI;eAAJ,IAAI;IAFhB,IAAA,gBAAU,EAAC,SAAS,CAAC;IACrB,IAAA,WAAK,EAAC,OAAO,CAAC;GACF,IAAI,CAEhB"}
|
package/lib/mjs/config/rbac.d.ts
CHANGED
|
@@ -42,6 +42,12 @@ declare const rbac: {
|
|
|
42
42
|
UserRoleRevoked: {
|
|
43
43
|
connection: string;
|
|
44
44
|
};
|
|
45
|
+
UserImpersonationStarted: {
|
|
46
|
+
connection: string;
|
|
47
|
+
};
|
|
48
|
+
UserImpersonationEnded: {
|
|
49
|
+
connection: string;
|
|
50
|
+
};
|
|
45
51
|
};
|
|
46
52
|
connections: {
|
|
47
53
|
name: string;
|
|
@@ -195,6 +201,35 @@ declare const rbac: {
|
|
|
195
201
|
* Column name in database where role is stored, by default is "Role", but if your user table has different column name, you can change it here
|
|
196
202
|
*/
|
|
197
203
|
roleColumn: string;
|
|
204
|
+
/**
|
|
205
|
+
* Role switching behavior. Users with multiple roles can switch the
|
|
206
|
+
* currently active role via /auth/active-role.
|
|
207
|
+
*/
|
|
208
|
+
roleSwitch: {
|
|
209
|
+
/**
|
|
210
|
+
* Roles whose activation requires the user to re-enter their password.
|
|
211
|
+
* Use to gate privileged role switches (e.g. 'admin', 'system').
|
|
212
|
+
*/
|
|
213
|
+
requirePassword: string[];
|
|
214
|
+
};
|
|
215
|
+
/**
|
|
216
|
+
* Impersonation lets a privileged user (createAny on virtual resource
|
|
217
|
+
* 'user:impersonate') act as another user for the rest of the session.
|
|
218
|
+
* Example admin grant:
|
|
219
|
+
* admin: { 'user:impersonate': { 'create:any': ['*'] } }
|
|
220
|
+
*/
|
|
221
|
+
impersonation: {
|
|
222
|
+
/**
|
|
223
|
+
* When true, starting impersonation requires the impersonator to
|
|
224
|
+
* re-enter their password as a confirmation step.
|
|
225
|
+
*/
|
|
226
|
+
requirePassword: boolean;
|
|
227
|
+
/**
|
|
228
|
+
* Targets whose role list intersects this set cannot be impersonated.
|
|
229
|
+
* 'system' is reserved for internal automation and is blocked by default.
|
|
230
|
+
*/
|
|
231
|
+
protectedRoles: string[];
|
|
232
|
+
};
|
|
198
233
|
};
|
|
199
234
|
};
|
|
200
235
|
export default rbac;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.d.ts","sourceRoot":"","sources":["../../../src/config/rbac.ts"],"names":[],"mappings":"AAcA,QAAA,MAAM,IAAI
|
|
1
|
+
{"version":3,"file":"rbac.d.ts","sourceRoot":"","sources":["../../../src/config/rbac.ts"],"names":[],"mappings":"AAcA,QAAA,MAAM,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;YAqLJ;;eAEG;;;;;YASH;;eAEG;;;;;;;;;;QAcL;;WAEG;;QAEH;;;;;eAKO;;;8BAGiB,KAAK,CAAC,QAAQ,CAAC;6BAChB,KAAK,CAAC,QAAQ,CAAC;;;QAMtC;;WAEG;;QAGH;;;WAGG;;YAED;;;eAGG;6BACoB,MAAM,EAAE;;QAGjC;;;;;WAKG;;YAED;;;eAGG;;YAGH;;;eAGG;4BAC2B,MAAM,EAAE;;;CAG3C,CAAC;AAEF,eAAe,IAAI,CAAC"}
|
package/lib/mjs/config/rbac.js
CHANGED
|
@@ -27,6 +27,8 @@ const rbac = {
|
|
|
27
27
|
UserPasswordChangeRequest: { connection: 'rbac-user-empty-queue' },
|
|
28
28
|
UserRoleGranted: { connection: 'rbac-user-empty-queue' },
|
|
29
29
|
UserRoleRevoked: { connection: 'rbac-user-empty-queue' },
|
|
30
|
+
UserImpersonationStarted: { connection: 'rbac-user-empty-queue' },
|
|
31
|
+
UserImpersonationEnded: { connection: 'rbac-user-empty-queue' },
|
|
30
32
|
},
|
|
31
33
|
// by default all events from rbac module are routed to rbac-user-empty-queue
|
|
32
34
|
// and is using empty sink ( no events are sent )
|
|
@@ -208,6 +210,35 @@ const rbac = {
|
|
|
208
210
|
* Column name in database where role is stored, by default is "Role", but if your user table has different column name, you can change it here
|
|
209
211
|
*/
|
|
210
212
|
roleColumn: 'Role',
|
|
213
|
+
/**
|
|
214
|
+
* Role switching behavior. Users with multiple roles can switch the
|
|
215
|
+
* currently active role via /auth/active-role.
|
|
216
|
+
*/
|
|
217
|
+
roleSwitch: {
|
|
218
|
+
/**
|
|
219
|
+
* Roles whose activation requires the user to re-enter their password.
|
|
220
|
+
* Use to gate privileged role switches (e.g. 'admin', 'system').
|
|
221
|
+
*/
|
|
222
|
+
requirePassword: [],
|
|
223
|
+
},
|
|
224
|
+
/**
|
|
225
|
+
* Impersonation lets a privileged user (createAny on virtual resource
|
|
226
|
+
* 'user:impersonate') act as another user for the rest of the session.
|
|
227
|
+
* Example admin grant:
|
|
228
|
+
* admin: { 'user:impersonate': { 'create:any': ['*'] } }
|
|
229
|
+
*/
|
|
230
|
+
impersonation: {
|
|
231
|
+
/**
|
|
232
|
+
* When true, starting impersonation requires the impersonator to
|
|
233
|
+
* re-enter their password as a confirmation step.
|
|
234
|
+
*/
|
|
235
|
+
requirePassword: true,
|
|
236
|
+
/**
|
|
237
|
+
* Targets whose role list intersects this set cannot be impersonated.
|
|
238
|
+
* 'system' is reserved for internal automation and is blocked by default.
|
|
239
|
+
*/
|
|
240
|
+
protectedRoles: ['system'],
|
|
241
|
+
},
|
|
211
242
|
},
|
|
212
243
|
};
|
|
213
244
|
export default rbac;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac.js","sourceRoot":"","sources":["../../../src/config/rbac.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO;QACL,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;QAEvJ,4CAA4C;QAC5C,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;KAC/J,CAAC;AACJ,CAAC;AAID,MAAM,IAAI,GAAG;IACX,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;SACrB;KACF;IACD,KAAK,EAAE;QACL,OAAO,EAAE;YACP,OAAO,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAChD,aAAa,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACtD,UAAU,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACnD,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACxD,WAAW,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACpD,UAAU,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACnD,mBAAmB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAC5D,YAAY,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACrD,mBAAmB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAC5D,yBAAyB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAClE,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACxD,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;
|
|
1
|
+
{"version":3,"file":"rbac.js","sourceRoot":"","sources":["../../../src/config/rbac.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO;QACL,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;QAEvJ,4CAA4C;QAC5C,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;KAC/J,CAAC;AACJ,CAAC;AAID,MAAM,IAAI,GAAG;IACX,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,GAAG,EAAE,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;SACrB;KACF;IACD,KAAK,EAAE;QACL,OAAO,EAAE;YACP,OAAO,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAChD,aAAa,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACtD,UAAU,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACnD,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACxD,WAAW,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACpD,UAAU,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACnD,mBAAmB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAC5D,YAAY,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACrD,mBAAmB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAC5D,yBAAyB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YAClE,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACxD,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACxD,wBAAwB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACjE,sBAAsB,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;SAChE;QAED,6EAA6E;QAC7E,iDAAiD;QACjD,WAAW,EAAE;YACX;gBACE,IAAI,EAAE,uBAAuB;gBAC7B,OAAO,EAAE,sBAAsB;gBAC/B,mBAAmB,EAAE,WAAW;gBAChC,mBAAmB,EAAE,aAAa;aACnC;SACF;KACF;IACD,IAAI,EAAE;QACJ,kBAAkB,EAAE,KAAK;QAEzB,KAAK,EAAE;YACL,UAAU,EAAE,uBAAuB;YAEnC,cAAc,EAAE;gBACd,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,qCAAqC;gBAC/C,OAAO,EAAE,yBAAyB;aACnC;YAED,2DAA2D;YAC3D,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,oCAAoC;gBAC9C,OAAO,EAAE,2BAA2B;aACrC;YAED,MAAM,EAAE;gBACN,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,kCAAkC;gBAC5C,OAAO,EAAE,gBAAgB;aAC1B;YAED,QAAQ,EAAE;gBACR,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,oCAAoC;gBAC9C,OAAO,EAAE,kBAAkB;aAC5B;YAED,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,mCAAmC;gBAC7C,OAAO,EAAE,iBAAiB;aAC3B;YAED,WAAW,EAAE;gBACX,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,uCAAuC;gBACjD,OAAO,EAAE,qBAAqB;aAC/B;YAED,eAAe,EAAE;gBACf,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,sCAAsC;gBAChD,OAAO,EAAE,kBAAkB;aAC5B;YAED,kBAAkB,EAAE;gBAClB,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,sCAAsC;gBAChD,OAAO,EAAE,gCAAgC;aAC1C;YAED,SAAS,EAAE;gBACT,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,qCAAqC;gBAC/C,OAAO,EAAE,mBAAmB;aAC7B;YAED,gDAAgD;YAChD,wCAAwC;YACxC,yDAAyD;YACzD,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,wCAAwC;gBAClD,OAAO,EAAE,iBAAiB;aAC3B;SACF;QACD,gDAAgD;QAChD,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,OAAO;gBACb,WAAW,EAAE,eAAe;aAC7B;YACD;gBACE,IAAI,EAAE,MAAM;gBACZ,WAAW,EAAE,sCAAsC;aACpD;SACF;QACD,MAAM,EAAE;YACN,sDAAsD;YACtD,MAAM,EAAE;gBACN,OAAO,EAAE,CAAC,OAAO,CAAC;aACnB;YAED,aAAa,EAAE;gBACb,KAAK,EAAE;oBACL,YAAY,EAAE,CAAC,GAAG,CAAC;oBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;oBACjB,YAAY,EAAE,CAAC,GAAG,CAAC;oBACnB,YAAY,EAAE,CAAC,GAAG,CAAC;iBACpB;gBACD,eAAe,EAAE;oBACf,YAAY,EAAE,CAAC,GAAG,CAAC;oBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;oBACjB,YAAY,EAAE,CAAC,GAAG,CAAC;oBACnB,YAAY,EAAE,CAAC,GAAG,CAAC;iBACpB;aACF;YACD,IAAI,EAAE;gBACJ,MAAM,EAAE;oBACN,UAAU,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;oBAC9B,YAAY,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC;iBAC7C;gBACD,eAAe,EAAE;oBACf,YAAY,EAAE,CAAC,GAAG,CAAC;oBACnB,UAAU,EAAE,CAAC,GAAG,CAAC;oBACjB,YAAY,EAAE,CAAC,GAAG,CAAC;oBACnB,YAAY,EAAE,CAAC,GAAG,CAAC;iBACpB;aACF;YACD,KAAK,EAAE;gBACL,OAAO,EAAE,CAAC,aAAa,CAAC;aACzB;SACF;QACD,WAAW,EAAE,OAAO;QACpB,IAAI,EAAE;YACJ,OAAO,EAAE,sBAAsB;SAChC;QACD,QAAQ,EAAE;YACR,OAAO,EAAE,uBAAuB;YAEhC,UAAU,EAAE;gBACV,OAAO,EAAE,iCAAiC;gBAC1C,IAAI,EAAE;oBACJ,mCAAmC;oBACnC,iCAAiC;oBAEjC,+DAA+D;oBAC/D,OAAO,EAAE,kBAAkB;oBAE3B,uFAAuF;oBACvF,6EAA6E;oBAE7E,+FAA+F;oBAC/F,6DAA6D;oBAE7D,+FAA+F;oBAC/F,mFAAmF;oBAEnF,IAAI,EAAE,QAAQ;iBACf;aACF;YAED;;eAEG;YAEH,UAAU,EAAE;gBACV,OAAO,EAAE,IAAI;gBAEb,aAAa;gBACb,sBAAsB,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE;aAC1C;YAED;;eAEG;YACH,qBAAqB,EAAE,EAAE,GAAG,EAAE;SAC/B;QACD,IAAI,EAAE;YACJ,OAAO,EAAE,sBAAsB;SAChC;QACD,OAAO,EAAE;YACP,OAAO,EAAE,oBAAoB;YAE7B,8BAA8B;YAC9B,kBAAkB;YAClB,UAAU,EAAE,GAAG;SAChB;QAED;;WAEG;QACH,UAAU,EAAE,QAAQ;QACpB;;;;;eAKO;QACP,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,YAAY,EAAE,EAAqB;gBACnC,WAAW,EAAE,EAAqB;aACnC;SACF;QAID;;WAEG;QACH,UAAU,EAAE,MAAM;QAElB;;;WAGG;QACH,UAAU,EAAE;YACV;;;eAGG;YACH,eAAe,EAAE,EAAc;SAChC;QAED;;;;;WAKG;QACH,aAAa,EAAE;YACb;;;eAGG;YACH,eAAe,EAAE,IAAI;YAErB;;;eAGG;YACH,cAAc,EAAE,CAAC,QAAQ,CAAa;SACvC;KACF;CACF,CAAC;AAEF,eAAe,IAAI,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { UserEvent } from './UserEvent.js';
|
|
2
|
+
import { User } from '../models/User.js';
|
|
3
|
+
/**
|
|
4
|
+
* Emitted when an active impersonation ends (explicit stop, logout while
|
|
5
|
+
* impersonating, or session expiry handling). UserUUID is the impersonator
|
|
6
|
+
* who initiated the impersonation; TargetUUID is whoever they were acting as.
|
|
7
|
+
*/
|
|
8
|
+
export declare class UserImpersonationEnded extends UserEvent {
|
|
9
|
+
TargetUUID: string;
|
|
10
|
+
constructor(original: User, target: User);
|
|
11
|
+
}
|
|
12
|
+
//# sourceMappingURL=UserImpersonationEnded.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"UserImpersonationEnded.d.ts","sourceRoot":"","sources":["../../../src/events/UserImpersonationEnded.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAEzC;;;;GAIG;AACH,qBACa,sBAAuB,SAAQ,SAAS;IAC5C,UAAU,EAAE,MAAM,CAAC;gBAEd,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI;CAIzC"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
+
};
|
|
10
|
+
import { Event } from '@spinajs/queue';
|
|
11
|
+
import { UserEvent } from './UserEvent.js';
|
|
12
|
+
import { User } from '../models/User.js';
|
|
13
|
+
/**
|
|
14
|
+
* Emitted when an active impersonation ends (explicit stop, logout while
|
|
15
|
+
* impersonating, or session expiry handling). UserUUID is the impersonator
|
|
16
|
+
* who initiated the impersonation; TargetUUID is whoever they were acting as.
|
|
17
|
+
*/
|
|
18
|
+
let UserImpersonationEnded = class UserImpersonationEnded extends UserEvent {
|
|
19
|
+
constructor(original, target) {
|
|
20
|
+
super(original);
|
|
21
|
+
this.TargetUUID = target.Uuid;
|
|
22
|
+
}
|
|
23
|
+
};
|
|
24
|
+
UserImpersonationEnded = __decorate([
|
|
25
|
+
Event(),
|
|
26
|
+
__metadata("design:paramtypes", [User, User])
|
|
27
|
+
], UserImpersonationEnded);
|
|
28
|
+
export { UserImpersonationEnded };
|
|
29
|
+
//# sourceMappingURL=UserImpersonationEnded.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"UserImpersonationEnded.js","sourceRoot":"","sources":["../../../src/events/UserImpersonationEnded.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAEzC;;;;GAIG;AAEI,IAAM,sBAAsB,GAA5B,MAAM,sBAAuB,SAAQ,SAAS;IAGnD,YAAY,QAAc,EAAE,MAAY;QACtC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChB,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC;IAChC,CAAC;CACF,CAAA;AAPY,sBAAsB;IADlC,KAAK,EAAE;qCAIgB,IAAI,EAAU,IAAI;GAH7B,sBAAsB,CAOlC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { UserEvent } from './UserEvent.js';
|
|
2
|
+
import { User } from '../models/User.js';
|
|
3
|
+
/**
|
|
4
|
+
* Emitted when `original` starts impersonating `target`. UserUUID (from the
|
|
5
|
+
* base class) holds the impersonator's UUID — the actor who triggered the
|
|
6
|
+
* event — and TargetUUID holds whoever they impersonated.
|
|
7
|
+
*/
|
|
8
|
+
export declare class UserImpersonationStarted extends UserEvent {
|
|
9
|
+
TargetUUID: string;
|
|
10
|
+
constructor(original: User, target: User);
|
|
11
|
+
}
|
|
12
|
+
//# sourceMappingURL=UserImpersonationStarted.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"UserImpersonationStarted.d.ts","sourceRoot":"","sources":["../../../src/events/UserImpersonationStarted.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAEzC;;;;GAIG;AACH,qBACa,wBAAyB,SAAQ,SAAS;IAC9C,UAAU,EAAE,MAAM,CAAC;gBAEd,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI;CAIzC"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
+
};
|
|
10
|
+
import { Event } from '@spinajs/queue';
|
|
11
|
+
import { UserEvent } from './UserEvent.js';
|
|
12
|
+
import { User } from '../models/User.js';
|
|
13
|
+
/**
|
|
14
|
+
* Emitted when `original` starts impersonating `target`. UserUUID (from the
|
|
15
|
+
* base class) holds the impersonator's UUID — the actor who triggered the
|
|
16
|
+
* event — and TargetUUID holds whoever they impersonated.
|
|
17
|
+
*/
|
|
18
|
+
let UserImpersonationStarted = class UserImpersonationStarted extends UserEvent {
|
|
19
|
+
constructor(original, target) {
|
|
20
|
+
super(original);
|
|
21
|
+
this.TargetUUID = target.Uuid;
|
|
22
|
+
}
|
|
23
|
+
};
|
|
24
|
+
UserImpersonationStarted = __decorate([
|
|
25
|
+
Event(),
|
|
26
|
+
__metadata("design:paramtypes", [User, User])
|
|
27
|
+
], UserImpersonationStarted);
|
|
28
|
+
export { UserImpersonationStarted };
|
|
29
|
+
//# sourceMappingURL=UserImpersonationStarted.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"UserImpersonationStarted.js","sourceRoot":"","sources":["../../../src/events/UserImpersonationStarted.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAEzC;;;;GAIG;AAEI,IAAM,wBAAwB,GAA9B,MAAM,wBAAyB,SAAQ,SAAS;IAGrD,YAAY,QAAc,EAAE,MAAY;QACtC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChB,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC;IAChC,CAAC;CACF,CAAA;AAPY,wBAAwB;IADpC,KAAK,EAAE;qCAIgB,IAAI,EAAU,IAAI;GAH7B,wBAAwB,CAOpC"}
|
|
@@ -12,4 +12,6 @@ export * from './UserPasswordChangeRequest.js';
|
|
|
12
12
|
export * from './UserLogged.js';
|
|
13
13
|
export * from "./UserEvent.js";
|
|
14
14
|
export * from "./UserLoginFailed.js";
|
|
15
|
+
export * from "./UserImpersonationStarted.js";
|
|
16
|
+
export * from "./UserImpersonationEnded.js";
|
|
15
17
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/events/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAC;AACjC,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC;AAChC,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,sBAAsB,CAAC;AACrC,cAAc,sBAAsB,CAAC;AACrC,cAAc,mBAAmB,CAAC;AAClC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,sBAAsB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/events/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAC;AACjC,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC;AAChC,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,sBAAsB,CAAC;AACrC,cAAc,sBAAsB,CAAC;AACrC,cAAc,mBAAmB,CAAC;AAClC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,sBAAsB,CAAC;AACrC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,6BAA6B,CAAC"}
|
package/lib/mjs/events/index.js
CHANGED
|
@@ -12,4 +12,6 @@ export * from './UserPasswordChangeRequest.js';
|
|
|
12
12
|
export * from './UserLogged.js';
|
|
13
13
|
export * from "./UserEvent.js";
|
|
14
14
|
export * from "./UserLoginFailed.js";
|
|
15
|
+
export * from "./UserImpersonationStarted.js";
|
|
16
|
+
export * from "./UserImpersonationEnded.js";
|
|
15
17
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/events/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAC;AACjC,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC;AAChC,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,sBAAsB,CAAC;AACrC,cAAc,sBAAsB,CAAC;AACrC,cAAc,mBAAmB,CAAC;AAClC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,sBAAsB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/events/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAC;AACjC,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC;AAChC,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,0BAA0B,CAAC;AACzC,cAAc,0BAA0B,CAAC;AACzC,cAAc,sBAAsB,CAAC;AACrC,cAAc,sBAAsB,CAAC;AACrC,cAAc,mBAAmB,CAAC;AAClC,cAAc,gCAAgC,CAAC;AAC/C,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,sBAAsB,CAAC;AACrC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,6BAA6B,CAAC"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { AccessControl } from 'accesscontrol';
|
|
2
|
+
export type ImpersonationDenialReason = 'PROTECTED_ROLE' | 'PRIVILEGE_ESCALATION' | 'SELF_TARGET';
|
|
3
|
+
export interface IImpersonationCheckOptions {
|
|
4
|
+
/** Roles of the user who wants to impersonate */
|
|
5
|
+
originalRoles: string[];
|
|
6
|
+
/** Roles of the target user */
|
|
7
|
+
targetRoles: string[];
|
|
8
|
+
/** Roles that may never be impersonated (default: ['system']) */
|
|
9
|
+
protectedRoles: string[];
|
|
10
|
+
/** AccessControl instance — used to compare effective grants */
|
|
11
|
+
ac: AccessControl;
|
|
12
|
+
}
|
|
13
|
+
export interface IImpersonationCheckResult {
|
|
14
|
+
allowed: boolean;
|
|
15
|
+
reason?: ImpersonationDenialReason;
|
|
16
|
+
detail?: string;
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Decides whether `originalRoles` may impersonate a user with `targetRoles`.
|
|
20
|
+
*
|
|
21
|
+
* Rules:
|
|
22
|
+
* 1. If target has any role in `protectedRoles` → denied (PROTECTED_ROLE).
|
|
23
|
+
* 2. If target has any effective grant the original does NOT have, that's an
|
|
24
|
+
* escalation and impersonation is denied (PRIVILEGE_ESCALATION). This
|
|
25
|
+
* blocks equal-or-higher targets — admin cannot impersonate admin, user
|
|
26
|
+
* cannot impersonate admin, but admin can impersonate user.
|
|
27
|
+
*
|
|
28
|
+
* The grant comparison walks accesscontrol's resolved grants, so $extend is
|
|
29
|
+
* honored transitively.
|
|
30
|
+
*/
|
|
31
|
+
export declare function canImpersonate(opts: IImpersonationCheckOptions): IImpersonationCheckResult;
|
|
32
|
+
//# sourceMappingURL=impersonation.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"impersonation.d.ts","sourceRoot":"","sources":["../../src/impersonation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,MAAM,MAAM,yBAAyB,GAAG,gBAAgB,GAAG,sBAAsB,GAAG,aAAa,CAAC;AAElG,MAAM,WAAW,0BAA0B;IACzC,iDAAiD;IACjD,aAAa,EAAE,MAAM,EAAE,CAAC;IAExB,+BAA+B;IAC/B,WAAW,EAAE,MAAM,EAAE,CAAC;IAEtB,iEAAiE;IACjE,cAAc,EAAE,MAAM,EAAE,CAAC;IAEzB,gEAAgE;IAChE,EAAE,EAAE,aAAa,CAAC;CACnB;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,yBAAyB,CAAC;IACnC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,0BAA0B,GAAG,yBAAyB,CAoC1F"}
|